, AndyC wrote

@JeremyJ: That's usually caused by the spammer setting setting fake From and Reply-To addresses on the messages they send out, so that bounced mail and/or complaints goes to someone else. Also quite common with mail-based viruses.

If there are signs the account is being abused (i.e. messages actually in the Sent folder) and changing the password doesn't stop it, I'd probably be more inclined to suspect a problem on the client machine than making a broad assumption about Yahoo's infrastructure.

 

Yes that is one thing, if the pc was infected with a spam-bot, then some other person could use that pc to send junk all day long and you might never know....

but also when you get the NDR bounce check the full message headers, make a copy of them and get someone who knows how to read them.  for example:

From and Reply to can point to jane.smith@Yahoo.com

but what if the headers show a chain of relay servers and never came from a yahoo mail server at all ?

just looking at the NDR you will not see that.  you think it came from you or Yahoo, but really it came from some spammers server with a fake return address.

the reciving server thinks that it should send the NDR back to the mail from address.

the spamm sender gets off , they are generating billions of packets of error messages that are going to everyone but the spammer.  this saves them a lot of cash as they do not have to pay fro the bandwith and the compute cost of handling a flood of traffic created by the spam the send out.

 

PS: I used to run the Tech support for an ISP around 1995-1999 and used to deal with this 7 days a week for 25K users accounts....   that's why this is a topic i care about. also used to get calls from local cops trying to catch scamers selling stuff via email.  fun stuff teaching them how to do that back then.  Smiley